Commit Graph

24605 Commits

Author SHA1 Message Date
Marcono1234
3569ed56e5 Java: Add TypeLiteral.getReferencedType() 2021-07-26 00:02:08 +02:00
Ethan P
87005b93e3 Remove placeholder note 2021-07-22 16:25:41 -04:00
intrigus-lgtm
a30005c42e Replace broken link with archive.org link. 2021-07-22 22:14:44 +02:00
Robert Marsh
0e9d36b922 Merge pull request #6335 from geoffw0/toctou2
C++: Improvements to the cpp/toctou-race-condition query
2021-07-22 12:49:32 -07:00
Taus
74f1992aaf Merge pull request #6352 from tausbn/mergeback-rc/3.2-to-main
Mergeback `rc/3.2` to `main`
2021-07-22 19:58:29 +02:00
Geoffrey White
d9682aa440 C++: Autoformat. 2021-07-22 18:32:40 +01:00
Dominik Bamberger
807fdb01c8 Add beta note. 2021-07-22 19:23:10 +02:00
Dominik Bamberger
b51db7f2de Include packaging in 'Using custom queries with the CodeQL CLI'. 2021-07-22 19:23:10 +02:00
Geoffrey White
e9b96adf24 C++: Exclude results formatted with a character other than %s. 2021-07-22 17:40:32 +01:00
Geoffrey White
f8fed263e6 C++: Exclude results that are used as file names. 2021-07-22 17:40:25 +01:00
Ethan P
c7731ebbbe Correct codeql database analyze command syntax 2021-07-22 11:44:54 -04:00
Dominik Bamberger
af80a255a3 Add example for 'Integrating a CodeQL pack into a Code Scanning workflow'. 2021-07-22 17:35:39 +02:00
Dominik Bamberger
7519288bfb Add example for 'Running a CodeQL pack'. 2021-07-22 17:35:39 +02:00
Chris Smowton
5c917b4a23 Merge pull request #6353 from sauyon/sauyon/java/model-constructors
Java: Add models for collection constructors
2021-07-22 16:27:59 +01:00
Rasmus Wriedt Larsen
f71c99af22 Merge pull request #5444 from jorgectf/jorgectf/python/ldapimproperauth
Python: Add LDAP Improper Authentication query
2021-07-22 17:00:09 +02:00
Geoffrey White
1d582182b0 C++: Exclude 'path'. 2021-07-22 15:49:30 +01:00
Geoffrey White
86ee5fea40 C++: More test cases and correct an existing one. 2021-07-22 15:47:06 +01:00
Sauyon Lee
fd02dcdf2e Java: Add models for collection constructors 2021-07-22 07:23:26 -07:00
Rasmus Wriedt Larsen
42a997cbcb Python: Fix deprecation warning 2021-07-22 15:59:13 +02:00
Ethan P
1606d96859 fix typo 2021-07-22 09:58:43 -04:00
Rasmus Wriedt Larsen
71e6db8a01 Merge branch 'main' into jorgectf/python/ldapimproperauth 2021-07-22 15:57:43 +02:00
Taus
6ea8ef5d16 Merge branch 'rc/3.2' into mergeback-rc/3.2-to-main 2021-07-22 13:52:56 +00:00
Taus
08f480a556 Merge pull request #6351 from tausbn/python-hotfix-localsourcenode-typetrackingnode
Python: Hotfix `LocalSourceNode`
codeql-cli/v2.5.9
2021-07-22 15:47:59 +02:00
Rasmus Wriedt Larsen
802d9bda83 Merge pull request #5680 from mrthankyou/python-use-sqlalchemy
Python: Add SqlAlchemy model
2021-07-22 15:31:39 +02:00
Mathias Vorreiter Pedersen
f6f9c8af65 Merge pull request #6350 from MathiasVP/mergeback-2021-07-22
Mergeback `rc/3.2`
2021-07-22 15:13:44 +02:00
Taus
020c6e3b3b Python: Update change note 2021-07-22 13:11:29 +00:00
Taus
badf6311c9 Python: Remove flow between globals...
... in a local scope. Or rather, remove these from the `hasLocalSource`
relation.

This prevents a quadratic blowup when the same global is mentioned
_a lot_ of times within a single function scope.
2021-07-22 13:10:40 +00:00
Taus
ed794f42b5 Python: Soft revert TypeTrackingNode
Temporarily instates `TypeTrackingNode` as an alias of `LocalSourceNode`
as having it as a separate class led to performance regressions.

In the hopes that this will be resolved in the near future, I have left
the current `TypeTrackingNode` implementation in situ, but hidden inside
a `FutureWork` private module.
2021-07-22 13:10:07 +00:00
Mathias Vorreiter Pedersen
e34261accf Merge branch 'rc/3.2' into mergeback-2021-07-22 2021-07-22 14:40:22 +02:00
Geoffrey White
7fdac2a792 Merge pull request #6347 from MathiasVP/import-gvn-to-prevent-ir-reevaluation
C++: Import 'GVN' in 'Overflow.qll' to prevent IR reevaluation.
codeql-cli/v2.5.8
2021-07-22 13:37:03 +01:00
Taus
b8a40bb7f1 Merge pull request #6348 from tausbn/python-hotfix-disable-redos-queries
Python: Hotfix: Disable ReDoS queries
2021-07-22 13:32:14 +02:00
Dominik Bamberger
6d869f2572 Remove section on 'Creating a custom QL pack'. 2021-07-22 13:25:01 +02:00
Taus
bfe42ae146 Python: Update change note 2021-07-22 11:10:08 +00:00
Taus
e9a4114c04 Python: Hotfix: Disable ReDoS queries 2021-07-22 10:58:49 +00:00
Geoffrey White
a4c137fae5 C++: Add '_fsopen' as well. 2021-07-22 11:31:41 +01:00
Mathias Vorreiter Pedersen
39144ee02b C++: Import 'GVN' in 'Overflow.qll' to prevent IR reevaluation. 2021-07-22 11:35:16 +02:00
Chris Smowton
e2a533c7de Merge pull request #6346 from aschackmull/java/perf-fix
Java: Fix bad magic.
2021-07-22 10:15:16 +01:00
Chris Smowton
605f037af8 Merge pull request #6247 from p0wn4j/spring-responseentity-redirect-sink
[Java] CWE-601: Add Spring URL Redirect ResponseEntity sink
2021-07-22 09:45:30 +01:00
Anders Schack-Mulligen
dcfc027b5f Java: Fix bad magic. 2021-07-22 10:12:49 +02:00
Chris Smowton
c568a9463a Remove <> qualifier from ResponseEntity name
This was an extractor bug that was fixed recently
2021-07-21 17:58:06 +01:00
Geoffrey White
fa0f5d08a2 Merge branch 'main' into toctou2 2021-07-21 16:21:29 +01:00
Ethan P
3a048a1cdd Add `qlpack.yml` information 2021-07-21 09:27:41 -04:00
Mathias Vorreiter Pedersen
73ee7409f6 Merge pull request #6342 from MathiasVP/fix-fp-in-uninitialized-local
C++: Fix FP in `cpp/uninitialized-local`
2021-07-21 14:46:57 +02:00
Ethan P
2cdf404e05 Create "About CodeQL packs" and add to ToC 2021-07-21 08:10:46 -04:00
Anders Schack-Mulligen
22f6b021ba Merge pull request #6338 from aschackmull/java/cleanup-deprecated
Java: Remove deprecated ParExpr.
2021-07-21 11:36:40 +02:00
Geoffrey White
daed988108 Merge pull request #6341 from MathiasVP/mergeback-2021-07-21
Mergeback `rc/3.2`
2021-07-21 10:35:07 +01:00
Mathias Vorreiter Pedersen
e536cecefe C++: Fix FP caused by a variable missing type information. 2021-07-21 11:04:23 +02:00
Mathias Vorreiter Pedersen
6d0290809d Merge branch 'rc/3.2' into mergeback-2021-07-21 2021-07-21 10:23:58 +02:00
Pavel Avgustinov
2d9600de4a Merge pull request #6340 from MathiasVP/revert-path-sensitive-stackvariablereachability
C++: Revert #6004
2021-07-21 09:17:56 +01:00
Ethan P
0eb2f903a3 add procedural information for publishing and using CodeQL packs 2021-07-20 23:21:36 -04:00